Privacy
Privacy & Security Policy
Privacy & Security Policy
Introduction
O&P Assistant is fully HIPAA compliant, adhering to all applicable regulations and guidelines to protect your privacy and ensure the security of your data. We prioritize privacy and security in every aspect of our operations. This policy details our commitment to the secure handling, storage, and processing of data, ensuring adherence to the Health Insurance Portability and Accountability Act (HIPAA) and other applicable data protection laws.
View our Business Associate Agreement.
Internal Personnel Security
Prospective O&P Assistant employees are subject to comprehensive background checks before their hiring.
Annually, all employees must complete training emphasizing HIPAA compliance, privacy, and proper handling of sensitive information.
Compliance Measures
Regular risk assessments are conducted at O&P Assistant to ensure that our policies and procedures continue to be effective and relevant.
The Chief Technology Officer (CTO) at O&P Assistant is charged with the oversight of our Privacy and Security protocols.
Secure Development Lifecycle
All changes to our software undergo a thorough review for compliance with our stringent standards.
We implement infrastructure-as-code practices, with each change undergoing careful review before deployment.
Secure development practices training is mandatory for all engineers, reinforcing our commitment to security.
Cloud Hosting and Availability
O&P Assistant entrusts Microsoft’s Azure secure data centers for all hosting services, where data storage and processing occur.
A HIPAA Business Associate Agreement is maintained with Microsoft, ensuring compliance with privacy regulations.
We utilize Azure’s high-availability infrastructure to guarantee uninterrupted access to data.
Confidentiality and Data Encryption
We encrypt all data, whether at-rest or in-transit, using industry-standard encryption methods to safeguard confidentiality.
Vendor Management
Vendors processing patient information on behalf of O&P Assistant must be HIPAA compliant and are required to sign Business Associate Agreements (BAAs) with us.
Our team regularly reviews vendor security practices to ensure they meet our high standards of data protection.
Introduction
O&P Assistant is fully HIPAA compliant, adhering to all applicable regulations and guidelines to protect your privacy and ensure the security of your data. We prioritize privacy and security in every aspect of our operations. This policy details our commitment to the secure handling, storage, and processing of data, ensuring adherence to the Health Insurance Portability and Accountability Act (HIPAA) and other applicable data protection laws.
View our Business Associate Agreement.
Internal Personnel Security
Prospective O&P Assistant employees are subject to comprehensive background checks before their hiring.
Annually, all employees must complete training emphasizing HIPAA compliance, privacy, and proper handling of sensitive information.
Compliance Measures
Regular risk assessments are conducted at O&P Assistant to ensure that our policies and procedures continue to be effective and relevant.
The Chief Technology Officer (CTO) at O&P Assistant is charged with the oversight of our Privacy and Security protocols.
Secure Development Lifecycle
All changes to our software undergo a thorough review for compliance with our stringent standards.
We implement infrastructure-as-code practices, with each change undergoing careful review before deployment.
Secure development practices training is mandatory for all engineers, reinforcing our commitment to security.
Cloud Hosting and Availability
O&P Assistant entrusts Microsoft’s Azure secure data centers for all hosting services, where data storage and processing occur.
A HIPAA Business Associate Agreement is maintained with Microsoft, ensuring compliance with privacy regulations.
We utilize Azure’s high-availability infrastructure to guarantee uninterrupted access to data.
Confidentiality and Data Encryption
We encrypt all data, whether at-rest or in-transit, using industry-standard encryption methods to safeguard confidentiality.
Vendor Management
Vendors processing patient information on behalf of O&P Assistant must be HIPAA compliant and are required to sign Business Associate Agreements (BAAs) with us.
Our team regularly reviews vendor security practices to ensure they meet our high standards of data protection.
Introduction
O&P Assistant is fully HIPAA compliant, adhering to all applicable regulations and guidelines to protect your privacy and ensure the security of your data. We prioritize privacy and security in every aspect of our operations. This policy details our commitment to the secure handling, storage, and processing of data, ensuring adherence to the Health Insurance Portability and Accountability Act (HIPAA) and other applicable data protection laws.
View our Business Associate Agreement.
Internal Personnel Security
Prospective O&P Assistant employees are subject to comprehensive background checks before their hiring.
Annually, all employees must complete training emphasizing HIPAA compliance, privacy, and proper handling of sensitive information.
Compliance Measures
Regular risk assessments are conducted at O&P Assistant to ensure that our policies and procedures continue to be effective and relevant.
The Chief Technology Officer (CTO) at O&P Assistant is charged with the oversight of our Privacy and Security protocols.
Secure Development Lifecycle
All changes to our software undergo a thorough review for compliance with our stringent standards.
We implement infrastructure-as-code practices, with each change undergoing careful review before deployment.
Secure development practices training is mandatory for all engineers, reinforcing our commitment to security.
Cloud Hosting and Availability
O&P Assistant entrusts Microsoft’s Azure secure data centers for all hosting services, where data storage and processing occur.
A HIPAA Business Associate Agreement is maintained with Microsoft, ensuring compliance with privacy regulations.
We utilize Azure’s high-availability infrastructure to guarantee uninterrupted access to data.
Confidentiality and Data Encryption
We encrypt all data, whether at-rest or in-transit, using industry-standard encryption methods to safeguard confidentiality.
Vendor Management
Vendors processing patient information on behalf of O&P Assistant must be HIPAA compliant and are required to sign Business Associate Agreements (BAAs) with us.
Our team regularly reviews vendor security practices to ensure they meet our high standards of data protection.
This Privacy & Security Policy may be revised periodically. O&P Assistant reserves the right to update this document as needed, reflecting changes in legal, technological, or business practices. For questions or concerns regarding this policy, please contact us at info@op-assistant.com.